News Feature
| January 14, 2014

Neiman Marcus Joins Target In Announcing Holiday Security Breach

It was a busy season for hackers: investigators are also looking into security breaches at several undisclosed retailers

Last week, as Target was announcing that its already extensive data theft was much larger than the company anticipated, another retailer announced that it, too, was the victim to a security breach. KrebsOnSecurity reports that Neiman Marcus has joined Target as a victim of data theft this holiday season. The company has acknowledged that it is working with the U.S. Secret Service, credit card companies, a payment processor, and an investigations and forensics firm to investigate the breach, which occurred mid-December during the busy holiday shopping season. The company has not said how many debit/credit cards were affected by this breach, however it has begun to notify customers whose credit card information has been “used fraudulently.” While it is a strange coincidence that the attack occurred during the same time frame as the Target breach, the company has no evidence to suggest that this breach is in any way connected to Target’s.

In a statement, the company says, “Neiman Marcus was informed by our credit card processor in mid-December of potentially unauthorized payment card activity that occurred following customer purchases at our Neiman Marcus Group stores…On January 1st, the forensics firm discovered evidence that the company was the victim of a criminal cyber-security intrusion and that some customers’ cards were possibly compromised as a result. We have begun to contain the intrusion and have taken significant steps to further enhance information security.”

It seems this holiday was a busy year for criminals. Besides Neiman Marcus and Target, a Reuters article says that there were at least three other major retailers (currently undisclosed) hit by cyber-crime this holiday season, in what TechCrunch reporter Rip Empson is calling “Holiday Hack Attack ‘13.” These attacks were carried out in a similar fashion as the Target attack, which has led experts to suspect that these thefts might have been carried out by the same perpetrators. However, this remains unconfirmed. Law enforcement officials also suspect that these hackers are from Eastern Europe, which has been where most large-scale cyber attacks have originated from in the past decade. Sources told Reuters that investigators suspect the hackers used various pieces of malware, specifically a RAM scraper, or software that enables cyber criminals to capture data as it moves through the live memory of computer in plain text. This is certainly not new technology; however, it has become a more popular form of malware in recent years as more retailers are beefing up their security, making other data-capturing approaches more challenging to carry out.

While Target and Neiman Marcus made public announcements about the breaches affecting their customers, the other retailers will most likely keep it under wraps in an effort to protect business. This means that banks and credit card firms will also have to keep these company names confidential unless the company releases a formal statement acknowledging the breach. Some of the retailers that experienced cyber-attacks earlier this year, pre-Thanksgiving/holiday shopping — and there were a couple, Gartener’s Avivah Litan says — might even have been trial attacks to help prepare hackers for the big Target breach, Reuters says.